﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;

using System.Net;
using System.Web.Http.Filters;
using System.Web.Http.Controllers;
using System.Web.Http;
using System.Net.Http;
using webapiDemo;

/// <summary>
/// 验证用户在线
/// </summary>
public class AuthFilterAttribute : AuthorizeAttribute
{
    public override void OnAuthorization(HttpActionContext actionContext)
    {

        //如果用户方位的Action带有AllowAnonymousAttribute，则不进行授权验证
        if (actionContext.ActionDescriptor.GetCustomAttributes<AllowAnonymousAttribute>().Any())
        {
            return;
        }

        string token = System.Web.HttpContext.Current.Request["token"] ?? "";

        bool pass = token == "1";

        if (!pass)
        {
            actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized, new ApiResult
            {
                success = false,
                message = "请登录后，再操作"
            });

        }

        
    }

    //protected override void HandleUnauthorizedRequest(HttpActionContext filterContext)
    //{
    //    base.HandleUnauthorizedRequest(filterContext);

    //    //var response = filterContext.Response = filterContext.Response ?? new HttpResponseMessage();
    //    //response.StatusCode = HttpStatusCode.Forbidden;
    //    //var content = new Result
    //    //{
    //    //    success = false,
    //    //    errs = new[] { "服务端拒绝访问：你没有权限，或者掉线了" }
    //    //};
    //    //response.Content = new StringContent(Json.Encode(content), Encoding.UTF8, "application/json");
    //}
}